Unrestricted Modem on the Internet

Summary

A live and potentially unrestricted modem has been detected.

Impact

A remote intruder can anonymously dial anywhere that the
phone can call.

Background

In the past, dialout modems were often placed unprotected on one of a
UN*X host's TCP ports to facilitate their use. With the advent of
special purpose hardware with built-in protection facilities, as well
as extra authentication methods such as S/Key and digital tokens,
there is little reason to do this.

The problem

Anyone can use the modem to dial anywhere, enabling them to attack
random targets and incurring you a potentially large phone bill.

Fix

Disallow unprotected Internet access of the modem by placing it behind a
firewall or putting password or other extra authentication methods on
it (such as S/Key or digital tokens.)